Merge pull request #237 from bsv-blockchain/fix-auth-fetch-general-messages

fix: AuthFetch communication flow

Author: rohenaz

.github/workflows/codecov.yaml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 2
 

.github/workflows/golangci-lint.yaml

@@ -18,7 +18,7 @@ jobs:
     outputs:
       modules: ${{ steps.set-modules.outputs.modules }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}
@@ -32,7 +32,7 @@ jobs:
       matrix:
         modules: ${{ fromJSON(needs.detect-modules.outputs.modules) }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}

.github/workflows/sonar.yaml

@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 
@@ -47,7 +47,7 @@ jobs:
           args: --timeout=5m --issues-exit-code=0 --output.checkstyle.path=golangci-lint-report.xml
 
       - name: SonarCloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.0
+        uses: SonarSource/sonarqube-scan-action@v5.3.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

CHANGELOG.md

@@ -4,6 +4,7 @@ All notable changes to this project will be documented in this file. The format
 
 ## Table of Contents
 
+- [1.2.9 - 2025-09-07](#129---2025-09-07)
 - [1.2.8 - 2025-08-07](#128---2025-08-07)
 - [1.2.7 - 2025-08-05](#127---2025-08-05)
 - [1.2.6 - 2025-07-21](#126---2025-07-21)
@@ -43,6 +44,25 @@ All notable changes to this project will be documented in this file. The format
 - [1.1.0 - 2024-08-19](#110---2024-08-19)
 - [1.0.0 - 2024-06-06](#100---2024-06-06)
 
+## [1.2.9] - 2025-09-07
+
+### Added
+- Codecov integration for automated code coverage reporting and analysis
+- New `auth/authpayload` package with HTTP request/response serialization
+- AuthFetch config options and methods
+- BRC104 HTTP headers support (`auth/brc104/auth_http_headers.go`)
+
+### Changed
+- Added `auth/authpayload` package
+- Updated dependencies
+- Minor documentation corrections
+
+### Fixed
+- AuthFetch communication flow issues and hanging processes during handshake
+- HTTP request payload preparation in auth client
+- SPV verification now properly handles invalid merkle paths by returning error instead of fallback to input verification
+- Headers client BlockByHeight now includes bounds check for empty headers array
+
 ## [1.2.8] - 2025-08-07
 
 ### Added